<?php

include_once ('bn_path.php');

class bn_login
{
    private $dl;
    private $ui;
    private $conf;
    private $gf;
    public $add_captcha = false;
    private $session;
    protected static $instance;

    function __construct()
    {
            $this->dl = new bn_dal;
            $this->ui = new bn_userinfo;
          $this->conf = new bn_config;
            $this->gf = new bn_genralfunc;
        $this->session= new bn_session('token');
    }

    public static function getInstance()
    {
        if (!isset(self::$instance))
        {
            self::$instance = new self();
        }
        return self::$instance;
    }


    public function check_user($user, $pass)
    {
        return $this->dl->hasrow("select user from users where user=? and pass=?", array($user, $pass));
    }
    
    public function is_user_admin()
    {
        return $this->dl->hasrow("select id from users where id=1 and user='".$this->session->user."'");
    }
    
    public function has_user_permission()
    {
      return $this->dl->hasrow("select id from rols where roleid='".$this->session->rol."' and url='".bn_Get_Current_page()."'");  
    }
    
    public function get_user_id()
    {
       return $this->dl->getvalue("select id from users where user='".$this->session->user."'"); 
    }

    public function login_user()
    {
        if (isset($_POST['login']))
        {
            $errlog=new bn_session('logerror');
            $captcha=new bn_session('captcha');
            //____________________________________anti bruteforce_______________________________
            if ($errlog->count > 7)
            {
                if (strtotime($this->gf->date()) <strtotime($this->gf->date($errlog->date .' + 5 minutes')) )
                    {
                        echo 'you enter wrong pass 7 times please try 5 minutes later' ;
                        return 0;
                    }
                else
                    $errlog->delete();    
            }
            //_____________________________________captcha check________________________________
            if ($captcha->has_session())
            {
                if ($captcha->captcha != $_POST['captcha'])
                    return false;
                $captcha->delete();
            }
            $user = $_POST['user'];
            $pass = $_POST['pass'];
            $pass = $this->gf->Hash_string($pass);
            //_____________________________________begin autorise_______________________________
            if (self::check_user($user, $pass))
            {
                $arr = $this->ui->is_login_today($user);
                if (empty($arr))
                    $arr = $this->ui->is_login_today('unknow');
                if (empty($arr))
                    $arr = $this->ui->create_userinfo($user);
                if ($arr['user'] == 'unknow')
                    $arr = $this->ui->create_userinfo($user, $arr['codex']);
                $this->session->set_array($arr);
                return true;
            } 
            else//______________________bruteforce______________________________________________
            {
                if ($errlog->has_session())
                {
                    $errlog->count += 1;
                    $errlog->date = $this->gf->date();
                } 
                else
                    $errlog->set_array(array('count' => 1, 'date' => $this->gf->date()));
                    return false;
            }//__________________________end brute force________________________________________
        }
    }


    public function login_check($loginpage = 'login.php', $die = false)
    {
        if (!$this->session->has_session())
        {
            $arr = $this->ui->is_login_today('unknow');
            if (empty($arr))
                $arr = $this->ui->create_userinfo('unknow');
        } 
        else//________________________autorise session___________________________________________
        {
            $arr = $this->session->get_array();
            $codex = $this->ui->is_login_today($arr['user']);
            if (empty($codex))
            {
                $codex = $this->ui->is_login_yesterday($arr['user']);
                if (empty($codex) || $codex != $arr)
                    bn_redirect($loginpage);
            } 
            else
            {
                if ($codex != $arr)
                    bn_redirect($loginpage);
            }
        }//________________________check user has permission visit this page______________________
        $this->ui->update_user_info($arr['codex']);
        if ($arr['rol'] == '9999')
        {
            if ($die)
                bn_redirect($loginpage);
            else
            {
                $this->ui->update_user_info($arr['codex']);
                return (object)$arr;
            }
        }
        if (self::is_user_admin() || !$die)
            return (object)$arr;
        else
        if (self::has_user_permission())
        {
            $this->ui->update_user_info($arr['codex']);
            return (object)$arr;
        } 
        else
            bn_redirect($loginpage);
    }

    public function Get_user_info()
    {
        if ($this->session->has_session())
            return (object)$this->session->get_array();
    }

    public function Logout($exitpage)
    {
        if ($this->session->has_session())
        {
            $this->session->delete();
            die(bn_redirect($exitpage));
        }
    }


    function __destruct()
    {
        unset($this->dl);
        unset($this->ui);
        unset($this->conf);
        unset($this->gf);
    }
}

?>